On 17/02/06, subscribe <[EMAIL PROTECTED]> wrote: > So you have to: ...
As I think Craig Ringer has pointed out before, any user is free to (say) delete files from their desktop. Therefore, if the user downloads and double-clicks a programme that (say) deletes all files from the desktop, then the programme will succeed and the user will suffer for it. This is unfortunate, but is kind of fundamental to our ability to actually do anything with our computers in the first place. However, there are at least three important ways that Apple, Microsoft, etc. can be at fault in such situations. The first is that the OS might automatically allow programmes to be run implicitly and automatically without the user's awareness or authorisation (e.g., Microsoft Outlook, image-format rendering bugs, the original Dashboard Widgets, etc). As noted, this is not the case with the current vulnerability. The second is that the OS might allow malicious programmes to be disguised as harmless desktop files. Unfortunately, Mac OS past and present is full of this kind of problem. The third is that the OS should perhaps alert the user before running any "untrusted" programme for the first time (like what it does when you double-click new types of documents for the first time). Mac OS X seems to be capable of doing this (with both GUI applications and command-line UNIX programmes), but I guess Apple has chosen not to intefere with people's usability experience in that way out of the box. <insert debate here>
